package com.bangcommunity.bbframe.sdm.web.shiro.filter;//package cn.qtone.uc.common.web.shiro;

import com.bangcommunity.bbframe.common.utils.lang.StringUtils;
import com.bangcommunity.bbframe.sdm.utils.RequestUtils;
import com.bangcommunity.bbframe.sdm.web.exception.RestConf;
import com.bangcommunity.bbframe.sdm.web.shiro.BaseSdmAuthenticationToken;
import com.bangcommunity.bbframe.sdm.web.shiro.ISdmWebTokenService;
import org.springframework.beans.factory.annotation.Autowired;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.Serializable;

/**
 * 基于Shiro 实现的SSO登陆认证的Filter
 *
 * @version 1.0
 * @author tanghc
 */
public class BaseSdmSsoRedirectAuthenticationFilter<PK extends Serializable>
        extends AbstractSdmSsoRedirectAuthenticationFilter<PK, BaseSdmAuthenticationToken> {

    @Autowired(required = false)
    private ISdmWebTokenService<PK> sdmWebTokenService;

    @Override
    protected BaseSdmAuthenticationToken createSdmToken(HttpServletRequest request, HttpServletResponse response) {
        String extractParam = RequestUtils.extractParam(request, RestConf.tokenKey);
        if (StringUtils.isBlank(extractParam)) {
            logger.error("create sdm token fail no sso_access_token");
            return null;
        }
        BaseSdmAuthenticationToken token = new BaseSdmAuthenticationToken();
        token.setSsoToken(extractParam);
        return token;
    }

    @Override
    protected boolean validToken(PK uid, String token) {
        return sdmWebTokenService.validToken(uid, token);
    }
}
